浏览 27+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4063 | Social Icons Widget & Block <= 4.5.8 - Missing Authorization to Authenticated (Subscriber+) Sharing Configuration Creation | wpzoom | Social Icons Widget & Block – Social Media Icons & Share Buttons | Medium | 4.3 | 2026-03-13 09:25:01 | Deep Dive |
| CVE-2026-2295 | WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more | wpzoom | WPZOOM Addons for Elementor – Starter Templates & Widgets | Medium | 5.3 | 2026-02-11 09:27:15 | Deep Dive |
| CVE-2025-67951 | WordPress WPZOOM Addons for Elementor plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability | WPZOOM | WPZOOM Addons for Elementor | - | - | 2025-12-16 08:12:58 | Deep Dive |
| CVE-2025-62019 | WordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.8 - Broken Access Control vulnerability | WPZOOM | Recipe Card Blocks for Gutenberg & Elementor | - | - | 2025-10-22 14:32:49 | Deep Dive |
| CVE-2025-8592 | Inspiro <= 2.1.2 - Cross-Site Request Forgery to Arbitrary Plugin Installation | wpzoom | Inspiro | High | 8.1 | 2025-08-21 05:28:13 | Deep Dive |
| CVE-2025-26983 | WordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.3 - Broken Access Control vulnerability | WPZOOM | Recipe Card Blocks for Gutenberg & Elementor | Medium | 4.3 | 2025-02-25 14:17:59 | Deep Dive |
| CVE-2024-30424 | WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability | WPZOOM | Beaver Builder Addons by WPZOOM | Medium | 6.5 | 2024-11-19 22:01:00 | Deep Dive |
| CVE-2024-43293 | WordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.3.1 - Broken Access Control vulnerability | WPZOOM | Recipe Card Blocks for Gutenberg & Elementor | Medium | 4.3 | 2024-11-01 14:17:30 | Deep Dive |
| CVE-2024-9027 | WPZOOM Shortcodes <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via box Shortcode | wpzoom | WPZOOM Shortcodes | Medium | 6.4 | 2024-09-25 02:05:04 | Deep Dive |
| CVE-2024-8276 | WPZOOM Portfolio Lite – Filterable Portfolio Plugin <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute | wpzoom | WPZOOM Portfolio Lite – Filterable Portfolio Plugin | Medium | 6.4 | 2024-08-31 07:36:54 | Deep Dive |
| CVE-2024-37464 | WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.5 - Local File Inclusion vulnerability | WPZOOM | Beaver Builder Addons by WPZOOM | Medium | 4.9 | 2024-07-09 11:45:30 | Deep Dive |
| CVE-2024-5686 | WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.38 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget | wpzoom | WPZOOM Addons for Elementor – Starter Templates & Widgets | Medium | 6.4 | 2024-06-20 03:37:23 | Deep Dive |
| CVE-2024-30464 | WordPress Social Icons Widget & Block by WPZOOM plugin <= 4.2.15 - Broken Access Control vulnerability | WPZOOM | Social Icons Widget & Block by WPZOOM | Medium | 5.4 | 2024-06-09 10:41:21 | Deep Dive |
| CVE-2024-5147 | WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.37 - Unauthenticated Local File Inclusion | wpzoom | WPZOOM Addons for Elementor – Starter Templates & Widgets | Critical | 9.8 | 2024-05-22 07:37:26 | Deep Dive |
| CVE-2024-2189 | Social Icons Widget & Block < 4.2.18 - Admin+ Stored XSS | Unknown | Social Icons Widget & Block by WPZOOM | - | - | 2024-05-21 06:00:02 | Deep Dive |
| CVE-2024-4370 | WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box Widget | wpzoom | WPZOOM Addons for Elementor – Starter Templates & Widgets | Medium | 6.4 | 2024-05-14 23:31:46 | Deep Dive |
| CVE-2024-33539 | WordPress WPZOOM Addons for Elementor plugin <= 1.1.35 - Cross Site Scripting (XSS) vulnerability | WPZOOM | WPZOOM Addons for Elementor (Templates, Widgets) | Medium | 6.5 | 2024-04-29 05:23:31 | Deep Dive |
| CVE-2024-3662 | WPZOOM Social Feed Widget & Block <= 2.1.13 - Missing Authorization to Authenticated (Subscriber+) Instagram Image Deletion | wpzoom | WPZOOM Social Feed Widget & Block | Medium | 4.3 | 2024-04-13 08:41:30 | Deep Dive |
| CVE-2024-2183 | Beaver Builder Addons by WPZOOM <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading Widget | wpzoom | WPZOOM Addons for Beaver Builder | Medium | 6.4 | 2024-04-09 18:59:00 | Deep Dive |
| CVE-2024-2186 | Beaver Builder Addons by WPZOOM <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget | wpzoom | WPZOOM Addons for Beaver Builder | Medium | 6.4 | 2024-04-09 18:58:58 | Deep Dive |